Site logo

Prometheus 6

All respect and no restraint
Home » Blogs » Prometheus 6's blog

Sounds like an inside job

Posted March 30th, 2008 by Prometheus 6
in

Even while the Hannaford hack was still going on last month, the company was found to be in compliance with security standards required by the Payment Card Industry, a coalition founded by credit card companies.

Malware Cited in Supermarket Data Breach
By THE ASSOCIATED PRESS

Filed at 4:29 p.m. ET

PORTLAND, Maine (AP) -- Unauthorized software that was secretly installed on servers in Hannaford Bros. Co.'s supermarkets across the Northeast and in Florida enabled the massive data breach that compromised up to 4.2 million credit and debit cards, the company said Friday.

The Scarborough, Maine-based grocer confirmed a report in The Boston Globe that it told Massachusetts regulators this week about the link between the breach and the illicit programs, known as ''malware.''

The company doesn't know how the malware -- short for malicious software -- got onto nearly all its 271 stores' servers, Hannaford spokeswoman Carol Eleazer said.

''Virtually everything is possible,'' she said. ''There are still many, many aspects that we don't totally understand.''

At least 1,800 cases of fraud have been linked to the data breach, with unauthorized charges showing up as far afield as Mexico, Italy and Bulgaria.

The breach has prompted concern in the industry because it appeared to be the first large-scale theft of credit and debit card numbers while the information was in transit.

The usual mode of attack targets data sitting in databases, as in the record-setting theft of information from Massachusetts-based TJX Cos. involving least 45 million card numbers belonging to customers of T.J. Maxx and Marshalls stores.

TJX Cos. agreed to regular external security audits in a settlement this week with the Federal Trade Commission regarding the breach, which occurred in 2005 and 2006. The FTC lacks the authority to impose fines.

Sherry Lang, TJX's senior vice president for investor and public relations, said the company disagreed with the FTC's allegations that it didn't properly protect customer data. But she said the settlement ''is consistent with the agreements between the FTC and other retailers that have been victimized by cyber crime.''

A federal consumer lawsuit against TJX is pending in Boston.

Hannaford has said its breach, which occurred between Dec. 7 and March 10, allowed credit and debit card numbers to be stolen as shoppers swiped their cards at checkout line machines and the information was transmitted to banks for approval.

The malware turned up in all Hannaford stores in New England and New York and in most of the company's affiliated Sweetbay stores in Florida, Eleazer said.

Bookmark/Search this post with:

Yep!

On March 30th, 2008 DarkStar says:

You are correct. It is an inside job. Insiders are THE GREATEST IT threat.

User login

The last word on The Bradley Effect, by ptcruiser.

Recent comments

Google search




Most popular threads

Blog links

African American Political Pundit
ALLABOUTGEORGE.com
Bomani Jones
blac(k)ademic
blackademics.org
blacksmythe.com
Caged Lion
ebogjonson
Jack and Jill Politics
Names4Things
ripples of hope
The Dis Brimstone-Daily Pitchfork
Essential Presence
Exodus Mentality
Monroe Anderson
Professor Kim's News Notes
Racism Review
Skeptical Brotha
State of the Qusan
Temple 3
The N-Quest
The Struggle Within
three brothers and A SISTER
Too Sense
Wil's Notes
Zuky
Cobb
A Skeptical Blog
Alas, a Blog
All Facts and Opinions
American Leftist
Apathy Inc.
Blogcritics
Blunted on Reality
Brad DeLong
CenterPoint - A Centrist Weblog
Crooked Timber
Democratic Veteran
different strings
Eschaton
Everything Burns
ex-lion tamer
Fables of the reconstruction
fantastic planet
feministe
Flagrancy to Reason
Folkbum's Rambles and Rants
Group News Blog
Happy Furry Puppy Story Time
Hellblazer
Hobson's Choice
Hullabaloo
I protest.
In A Dark Time
In Search of Utopia
J-Notes
Jon Swift
Jesus' General
karmalised
Keywords
King of Zembla
LatinoPundit
LiberalOasis
Live Your Life As If It's Real
Lynne d Johnson
Mark A.R. Kleiman
MaxSpeak
Mahablog
Modulator
mousemusings weblog
Move the Crowd
MYKERU.COM
NathanNewman.org
Negrophile.
NegroPleaseDotCom
nightcrawler
Not Geniuses
Oliver Willis
Orcinus
YBLOG
Pacific Views
Pandagon
Peevish
Plucky Punk's Happy Land
Political Animal
Ray Garraud
Resource.full
Rook's Rant
Sadly, No!
Shadow of the Hegemon
Suburban Guerrilla
Talking Points Memo
TalkLeft
TBOGG
Technically Speaking
The Funny Farm
The Last Nerve
The Village Gate
The Storm
thoughts on the eve of the apocalypse
thousand yard glare
Tomato Observer
TOPDOG08.COM
Totalitarianism Today
Uppity-Negro.com
veiled4allah
Wampum
Waveflux
William Dipini
Whom Gods Destroy
XX
( a burst of light }
Technically Speaking
Moore's Lore
etc.
Zenpundit
Dog of Flanders
Suburban Blight
baldilocks
Scott at blogspot
Daniel W. Drezner
dcthornton.com
Foreign Dispatches
Real Clear Politics
Alpha Patriot

Tip jar


Who's new

  • gepo
  • hspunkie
  • tmckeown
  • moretoblack
  • larkin

Who's online

There are currently 2 users and 9 guests online.

Online users

  • Prometheus 6
  • rikyrah

...

Syndicate

Syndicate content
This site best viewed with a jaundiced eye